Skip to main content

release Submodule

Constructs

Publisher

Implements GitHub jobs for publishing modules to package managers.

Under the hood, it uses https://github.com/aws/publib

Initializers 

import { release } from 'projen'

new release.Publisher(project: Project, options: PublisherOptions)
NameTypeDescription
project
projen.ProjectNo description.
options
PublisherOptions
No description.
projectRequired
  • Type: projen.Project
optionsRequired

Methods

NameDescription
toString
Returns a string representation of this construct.
postSynthesize
Called after synthesis.
preSynthesize
Called before synthesis.
synthesize
Synthesizes files to the project output directory.
addGitHubPostPublishingSteps
Adds post publishing steps for the GitHub release job.
addGitHubPrePublishingSteps
Adds pre publishing steps for the GitHub release job.
publishToGit
Publish to git.
publishToGitHubReleases
Creates a GitHub Release.
publishToGo
Adds a go publishing job.
publishToMaven
Publishes artifacts from java/** to Maven.
publishToNpm
Publishes artifacts from js/** to npm.
publishToNuget
Publishes artifacts from dotnet/** to NuGet Gallery.
publishToPyPi
Publishes wheel artifacts from python to PyPI.
toString 
public toString(): string

Returns a string representation of this construct.

postSynthesize 
public postSynthesize(): void

Called after synthesis.

Order is not guaranteed.

preSynthesize 
public preSynthesize(): void

Called before synthesis.

synthesize 
public synthesize(): void

Synthesizes files to the project output directory.

addGitHubPostPublishingSteps 
public addGitHubPostPublishingSteps(steps: JobStep): void

Adds post publishing steps for the GitHub release job.

stepsRequired
  • Type: projen.github.workflows.JobStep

The steps.

addGitHubPrePublishingSteps 
public addGitHubPrePublishingSteps(steps: JobStep): void

Adds pre publishing steps for the GitHub release job.

stepsRequired
  • Type: projen.github.workflows.JobStep

The steps.

publishToGit 
public publishToGit(options: GitPublishOptions): Task

Publish to git.

This includes generating a project-level changelog and release tags.

optionsRequired

Options.

publishToGitHubReleases 
public publishToGitHubReleases(options: GitHubReleasesPublishOptions): void

Creates a GitHub Release.

optionsRequired

Options.

publishToGo 
public publishToGo(options?: GoPublishOptions): void

Adds a go publishing job.

optionsOptional

Options.

publishToMaven 
public publishToMaven(options?: MavenPublishOptions): void

Publishes artifacts from java/** to Maven.

optionsOptional

Options.

publishToNpm 
public publishToNpm(options?: NpmPublishOptions): void

Publishes artifacts from js/** to npm.

optionsOptional

Options.

publishToNuget 
public publishToNuget(options?: NugetPublishOptions): void

Publishes artifacts from dotnet/** to NuGet Gallery.

optionsOptional

Options.

publishToPyPi 
public publishToPyPi(options?: PyPiPublishOptions): void

Publishes wheel artifacts from python to PyPI.

optionsOptional

Options.

Static Functions

NameDescription
isConstruct
Checks if x is a construct.
isComponent
Test whether the given construct is a component.
isConstruct 
import { release } from 'projen'

release.Publisher.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: any

Any object.

isComponent 
import { release } from 'projen'

release.Publisher.isComponent(x: any)

Test whether the given construct is a component.

xRequired
  • Type: any

Properties

NameTypeDescription
node
constructs.NodeThe tree node.
project
projen.ProjectNo description.
artifactName
stringNo description.
buildJobId
stringNo description.
jsiiReleaseVersion
stringNo description.
publibVersion
stringNo description.
condition
stringNo description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

projectRequired 
public readonly project: Project;
  • Type: projen.Project
artifactNameRequired 
public readonly artifactName: string;
  • Type: string
buildJobIdRequired 
public readonly buildJobId: string;
  • Type: string
jsiiReleaseVersionRequired
  • Deprecated: use publibVersion
public readonly jsiiReleaseVersion: string;
  • Type: string
publibVersionRequired 
public readonly publibVersion: string;
  • Type: string
conditionOptional 
public readonly condition: string;
  • Type: string

Constants

NameTypeDescription
PUBLISH_GIT_TASK_NAME
stringNo description.
PUBLISH_GIT_TASK_NAMERequired 
public readonly PUBLISH_GIT_TASK_NAME: string;
  • Type: string

Release

Manages releases (currently through GitHub workflows).

By default, no branches are released. To add branches, call addBranch().

Initializers 

import { release } from 'projen'

new release.Release(scope: IConstruct, options: ReleaseOptions)
NameTypeDescription
scope
constructs.IConstructshould be part of the project the Release belongs to.
options
ReleaseOptions
options to configure the Release Component.
scopeRequired
  • Type: constructs.IConstruct

should be part of the project the Release belongs to.

optionsRequired

options to configure the Release Component.

Methods

NameDescription
toString
Returns a string representation of this construct.
postSynthesize
Called after synthesis.
preSynthesize
Called before synthesis.
synthesize
Synthesizes files to the project output directory.
addBranch
Adds a release branch.
addJobs
Adds jobs to all release workflows.
toString 
public toString(): string

Returns a string representation of this construct.

postSynthesize 
public postSynthesize(): void

Called after synthesis.

Order is not guaranteed.

preSynthesize 
public preSynthesize(): void

Called before synthesis.

synthesize 
public synthesize(): void

Synthesizes files to the project output directory.

addBranch 
public addBranch(branch: string, options: BranchOptions): void

Adds a release branch.

It is a git branch from which releases are published. If a project has more than one release branch, we require that majorVersion is also specified for the primary branch in order to ensure branches always release the correct version.

branchRequired
  • Type: string

The branch to monitor (e.g. main, v2.x).

optionsRequired

Branch definition.

addJobs 
public addJobs(jobs: {[ key: string ]: Job}): void

Adds jobs to all release workflows.

jobsRequired
  • Type: {[ key: string ]: projen.github.workflows.Job}

The jobs to add (name => job).

Static Functions

NameDescription
isConstruct
Checks if x is a construct.
isComponent
Test whether the given construct is a component.
of
Returns the Release component of a project or undefined if the project does not have a Release component.
isConstruct 
import { release } from 'projen'

release.Release.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: any

Any object.

isComponent 
import { release } from 'projen'

release.Release.isComponent(x: any)

Test whether the given construct is a component.

xRequired
  • Type: any
of 
import { release } from 'projen'

release.Release.of(project: Project)

Returns the Release component of a project or undefined if the project does not have a Release component.

projectRequired
  • Type: projen.Project

Properties

NameTypeDescription
node
constructs.NodeThe tree node.
project
projen.ProjectNo description.
artifactsDirectory
stringLocation of build artifacts.
branches
string[]Retrieve all release branch names.
publisher
Publisher
Package publisher.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

projectRequired 
public readonly project: Project;
  • Type: projen.Project
artifactsDirectoryRequired 
public readonly artifactsDirectory: string;
  • Type: string

Location of build artifacts.

branchesRequired 
public readonly branches: string[];
  • Type: string[]

Retrieve all release branch names.

publisherRequired 
public readonly publisher: Publisher;

Package publisher.

Constants

NameTypeDescription
ANTI_TAMPER_CMD
stringNo description.
ANTI_TAMPER_CMDRequired 
public readonly ANTI_TAMPER_CMD: string;
  • Type: string

Structs

BranchOptions

Options for a release branch.

Initializer 

import { release } from 'projen'

const branchOptions: release.BranchOptions = { ... }

Properties

NameTypeDescription
majorVersion
numberThe major versions released from this branch.
minMajorVersion
numberThe minimum major version to release.
minorVersion
numberThe minor versions released from this branch.
npmDistTag
stringThe npm distribution tag to use for this branch.
prerelease
stringBump the version as a pre-release tag.
tagPrefix
stringAutomatically add the given prefix to release tags. Useful if you are releasing on multiple branches with overlapping version numbers.
workflowName
stringThe name of the release workflow.
majorVersionRequired 
public readonly majorVersion: number;
  • Type: number

The major versions released from this branch.

minMajorVersionOptional 
public readonly minMajorVersion: number;
  • Type: number

The minimum major version to release.

minorVersionOptional 
public readonly minorVersion: number;
  • Type: number

The minor versions released from this branch.

npmDistTagOptional 
public readonly npmDistTag: string;
  • Type: string
  • Default: "latest"

The npm distribution tag to use for this branch.

prereleaseOptional 
public readonly prerelease: string;
  • Type: string
  • Default: normal releases

Bump the version as a pre-release tag.

tagPrefixOptional 
public readonly tagPrefix: string;
  • Type: string
  • Default: no prefix

Automatically add the given prefix to release tags. Useful if you are releasing on multiple branches with overlapping version numbers.

Note: this prefix is used to detect the latest tagged version when bumping, so if you change this on a project with an existing version history, you may need to manually tag your latest release with the new prefix.

workflowNameOptional 
public readonly workflowName: string;
  • Type: string
  • Default: "release-BRANCH"

The name of the release workflow.

CodeArtifactOptions

Options for publishing packages to AWS CodeArtifact.

Initializer 

import { release } from 'projen'

const codeArtifactOptions: release.CodeArtifactOptions = { ... }

Properties

NameTypeDescription
accessKeyIdSecret
stringGitHub secret which contains the AWS access key ID to use when publishing packages to AWS CodeArtifact.
authProvider
CodeArtifactAuthProvider
Provider to use for authorizing requests to AWS CodeArtifact.
roleToAssume
stringARN of AWS role to be assumed prior to get authorization token from AWS CodeArtifact This property must be specified only when publishing to AWS CodeArtifact (registry contains AWS CodeArtifact URL).
secretAccessKeySecret
stringGitHub secret which contains the AWS secret access key to use when publishing packages to AWS CodeArtifact.
accessKeyIdSecretOptional 
public readonly accessKeyIdSecret: string;
  • Type: string
  • Default: When the authProvider value is set to CodeArtifactAuthProvider.ACCESS_AND_SECRET_KEY_PAIR, the default is "AWS_ACCESS_KEY_ID". For CodeArtifactAuthProvider.GITHUB_OIDC, this value must be left undefined.

GitHub secret which contains the AWS access key ID to use when publishing packages to AWS CodeArtifact.

This property must be specified only when publishing to AWS CodeArtifact (npmRegistryUrl contains AWS CodeArtifact URL).

authProviderOptional 
public readonly authProvider: CodeArtifactAuthProvider;

Provider to use for authorizing requests to AWS CodeArtifact.

roleToAssumeOptional 
public readonly roleToAssume: string;
  • Type: string
  • Default: undefined

ARN of AWS role to be assumed prior to get authorization token from AWS CodeArtifact This property must be specified only when publishing to AWS CodeArtifact (registry contains AWS CodeArtifact URL).

When using the CodeArtifactAuthProvider.GITHUB_OIDC auth provider, this value must be defined.

secretAccessKeySecretOptional 
public readonly secretAccessKeySecret: string;
  • Type: string
  • Default: When the authProvider value is set to CodeArtifactAuthProvider.ACCESS_AND_SECRET_KEY_PAIR, the default is "AWS_SECRET_ACCESS_KEY". For CodeArtifactAuthProvider.GITHUB_OIDC, this value must be left undefined.

GitHub secret which contains the AWS secret access key to use when publishing packages to AWS CodeArtifact.

This property must be specified only when publishing to AWS CodeArtifact (npmRegistryUrl contains AWS CodeArtifact URL).

CommonPublishOptions

Common publishing options.

Initializer 

import { release } from 'projen'

const commonPublishOptions: release.CommonPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

ContinuousReleaseOptions

Initializer 

import { release } from 'projen'

const continuousReleaseOptions: release.ContinuousReleaseOptions = { ... }

Properties

NameTypeDescription
paths
string[]Paths for which pushes should trigger a release.
pathsOptional 
public readonly paths: string[];
  • Type: string[]

Paths for which pushes should trigger a release.

GitHubReleasesPublishOptions

Publishing options for GitHub releases.

Initializer 

import { release } from 'projen'

const gitHubReleasesPublishOptions: release.GitHubReleasesPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
changelogFile
stringThe location of an .md file (relative to dist/) that includes the changelog for the release.
releaseTagFile
stringThe location of a text file (relative to dist/) that contains the release tag.
versionFile
stringThe location of a text file (relative to dist/) that contains the version number.
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

changelogFileRequired 
public readonly changelogFile: string;
  • Type: string

The location of an .md file (relative to dist/) that includes the changelog for the release.

Example

changelog.md
releaseTagFileRequired 
public readonly releaseTagFile: string;
  • Type: string

The location of a text file (relative to dist/) that contains the release tag.

Example

releasetag.txt
versionFileRequired 
public readonly versionFile: string;
  • Type: string

The location of a text file (relative to dist/) that contains the version number.

Example

version.txt

GitPublishOptions

Publishing options for Git releases.

Initializer 

import { release } from 'projen'

const gitPublishOptions: release.GitPublishOptions = { ... }

Properties

NameTypeDescription
changelogFile
stringThe location of an .md file (relative to dist/) that includes the changelog for the release.
releaseTagFile
stringThe location of a text file (relative to dist/) that contains the release tag.
versionFile
stringThe location of a text file (relative to dist/) that contains the version number.
gitBranch
stringBranch to push to.
gitPushCommand
stringOverride git-push command.
projectChangelogFile
stringThe location of an .md file that includes the project-level changelog.
changelogFileRequired 
public readonly changelogFile: string;
  • Type: string

The location of an .md file (relative to dist/) that includes the changelog for the release.

Example

changelog.md
releaseTagFileRequired 
public readonly releaseTagFile: string;
  • Type: string

The location of a text file (relative to dist/) that contains the release tag.

Example

releasetag.txt
versionFileRequired 
public readonly versionFile: string;
  • Type: string

The location of a text file (relative to dist/) that contains the version number.

Example

version.txt
gitBranchOptional 
public readonly gitBranch: string;
  • Type: string
  • Default: "main"

Branch to push to.

gitPushCommandOptional 
public readonly gitPushCommand: string;
  • Type: string

Override git-push command.

Set to an empty string to disable pushing.

projectChangelogFileOptional 
public readonly projectChangelogFile: string;
  • Type: string

The location of an .md file that includes the project-level changelog.

GoPublishOptions

Options for Go releases.

Initializer 

import { release } from 'projen'

const goPublishOptions: release.GoPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
gitBranch
stringBranch to push to.
gitCommitMessage
stringThe commit message.
githubDeployKeySecret
stringThe name of the secret that includes a GitHub deploy key used to push to the GitHub repository.
githubRepo
stringGitHub repository to push to.
githubTokenSecret
stringThe name of the secret that includes a personal GitHub access token used to push to the GitHub repository.
githubUseSsh
booleanUse SSH to push to GitHub instead of a personal accses token.
gitUserEmail
stringThe email to use in the release git commit.
gitUserName
stringThe user name to use for the release git commit.
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

gitBranchOptional 
public readonly gitBranch: string;
  • Type: string
  • Default: "main"

Branch to push to.

gitCommitMessageOptional 
public readonly gitCommitMessage: string;
  • Type: string
  • Default: "chore(release): $VERSION"

The commit message.

githubDeployKeySecretOptional 
public readonly githubDeployKeySecret: string;
  • Type: string
  • Default: "GO_GITHUB_DEPLOY_KEY"

The name of the secret that includes a GitHub deploy key used to push to the GitHub repository.

Ignored if githubUseSsh is false.

githubRepoOptional 
public readonly githubRepo: string;
  • Type: string
  • Default: derived from moduleName

GitHub repository to push to.

githubTokenSecretOptional 
public readonly githubTokenSecret: string;
  • Type: string
  • Default: "GO_GITHUB_TOKEN"

The name of the secret that includes a personal GitHub access token used to push to the GitHub repository.

Ignored if githubUseSsh is true.

githubUseSshOptional 
public readonly githubUseSsh: boolean;
  • Type: boolean
  • Default: false

Use SSH to push to GitHub instead of a personal accses token.

gitUserEmailOptional 
public readonly gitUserEmail: string;

The email to use in the release git commit.

gitUserNameOptional 
public readonly gitUserName: string;
  • Type: string
  • Default: "github-actions"

The user name to use for the release git commit.

JsiiReleaseGo

Initializer 

import { release } from 'projen'

const jsiiReleaseGo: release.JsiiReleaseGo = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
gitBranch
stringBranch to push to.
gitCommitMessage
stringThe commit message.
githubDeployKeySecret
stringThe name of the secret that includes a GitHub deploy key used to push to the GitHub repository.
githubRepo
stringGitHub repository to push to.
githubTokenSecret
stringThe name of the secret that includes a personal GitHub access token used to push to the GitHub repository.
githubUseSsh
booleanUse SSH to push to GitHub instead of a personal accses token.
gitUserEmail
stringThe email to use in the release git commit.
gitUserName
stringThe user name to use for the release git commit.
postPublishStepsOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

gitBranchOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly gitBranch: string;
  • Type: string
  • Default: "main"

Branch to push to.

gitCommitMessageOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly gitCommitMessage: string;
  • Type: string
  • Default: "chore(release): $VERSION"

The commit message.

githubDeployKeySecretOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly githubDeployKeySecret: string;
  • Type: string
  • Default: "GO_GITHUB_DEPLOY_KEY"

The name of the secret that includes a GitHub deploy key used to push to the GitHub repository.

Ignored if githubUseSsh is false.

githubRepoOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly githubRepo: string;
  • Type: string
  • Default: derived from moduleName

GitHub repository to push to.

githubTokenSecretOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly githubTokenSecret: string;
  • Type: string
  • Default: "GO_GITHUB_TOKEN"

The name of the secret that includes a personal GitHub access token used to push to the GitHub repository.

Ignored if githubUseSsh is true.

githubUseSshOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly githubUseSsh: boolean;
  • Type: boolean
  • Default: false

Use SSH to push to GitHub instead of a personal accses token.

gitUserEmailOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly gitUserEmail: string;

The email to use in the release git commit.

gitUserNameOptional
  • Deprecated: Use GoPublishOptions instead.
public readonly gitUserName: string;
  • Type: string
  • Default: "github-actions"

The user name to use for the release git commit.

JsiiReleaseMaven

Initializer 

import { release } from 'projen'

const jsiiReleaseMaven: release.JsiiReleaseMaven = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
mavenEndpoint
stringURL of Nexus repository.
mavenGpgPrivateKeyPassphrase
stringGitHub secret name which contains the GPG private key or file that includes it.
mavenGpgPrivateKeySecret
stringGitHub secret name which contains the GPG private key or file that includes it.
mavenPassword
stringGitHub secret name which contains the Password for maven repository.
mavenRepositoryUrl
stringDeployment repository when not deploying to Maven Central.
mavenServerId
stringUsed in maven settings for credential lookup (e.g. use github when publishing to GitHub).
mavenStagingProfileId
stringGitHub secret name which contains the Maven Central (sonatype) staging profile ID (e.g. 68a05363083174). Staging profile ID can be found in the URL of the "Releases" staging profile under "Staging Profiles" in https://oss.sonatype.org (e.g. https://oss.sonatype.org/#stagingProfiles;11a33451234521).
mavenUsername
stringGitHub secret name which contains the Username for maven repository.
postPublishStepsOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

mavenEndpointOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenEndpoint: string;

URL of Nexus repository.

if not set, defaults to https://oss.sonatype.org

mavenGpgPrivateKeyPassphraseOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenGpgPrivateKeyPassphrase: string;
  • Type: string
  • Default: "MAVEN_GPG_PRIVATE_KEY_PASSPHRASE" or not set when using GitHub Packages

GitHub secret name which contains the GPG private key or file that includes it.

This is used to sign your Maven packages. See instructions.

https://github.com/aws/publib#maven

mavenGpgPrivateKeySecretOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenGpgPrivateKeySecret: string;
  • Type: string
  • Default: "MAVEN_GPG_PRIVATE_KEY" or not set when using GitHub Packages

GitHub secret name which contains the GPG private key or file that includes it.

This is used to sign your Maven packages. See instructions.

https://github.com/aws/publib#maven

mavenPasswordOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenPassword: string;
  • Type: string
  • Default: "MAVEN_PASSWORD" or "GITHUB_TOKEN" when using GitHub Packages

GitHub secret name which contains the Password for maven repository.

For Maven Central, you will need to Create JIRA account and then request a new project (see links).

https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134

mavenRepositoryUrlOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenRepositoryUrl: string;
  • Type: string
  • Default: not set

Deployment repository when not deploying to Maven Central.

mavenServerIdOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenServerId: string;
  • Type: string
  • Default: "ossrh" (Maven Central) or "github" when using GitHub Packages

Used in maven settings for credential lookup (e.g. use github when publishing to GitHub).

mavenStagingProfileIdOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenStagingProfileId: string;
  • Type: string
  • Default: "MAVEN_STAGING_PROFILE_ID" or not set when using GitHub Packages

GitHub secret name which contains the Maven Central (sonatype) staging profile ID (e.g. 68a05363083174). Staging profile ID can be found in the URL of the "Releases" staging profile under "Staging Profiles" in https://oss.sonatype.org (e.g. https://oss.sonatype.org/#stagingProfiles;11a33451234521).

mavenUsernameOptional
  • Deprecated: Use MavenPublishOptions instead.
public readonly mavenUsername: string;
  • Type: string
  • Default: "MAVEN_USERNAME" or the GitHub Actor when using GitHub Packages

GitHub secret name which contains the Username for maven repository.

For Maven Central, you will need to Create JIRA account and then request a new project (see links).

https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134

JsiiReleaseNpm

Initializer 

import { release } from 'projen'

const jsiiReleaseNpm: release.JsiiReleaseNpm = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
codeArtifactOptions
CodeArtifactOptions
Options for publishing npm package to AWS CodeArtifact.
distTag
stringTags can be used to provide an alias instead of version numbers.
npmProvenance
booleanShould provenance statements be generated when package is published.
npmTokenSecret
stringGitHub secret which contains the NPM token to use when publishing packages.
registry
stringThe domain name of the npm package registry.
postPublishStepsOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

codeArtifactOptionsOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly codeArtifactOptions: CodeArtifactOptions;

Options for publishing npm package to AWS CodeArtifact.

distTagOptional
  • Deprecated: Use npmDistTag for each release branch instead.
public readonly distTag: string;
  • Type: string
  • Default: "latest"

Tags can be used to provide an alias instead of version numbers.

For example, a project might choose to have multiple streams of development and use a different tag for each stream, e.g., stable, beta, dev, canary.

By default, the latest tag is used by npm to identify the current version of a package, and npm install <pkg> (without any @<version> or @<tag> specifier) installs the latest tag. Typically, projects only use the latest tag for stable release versions, and use other tags for unstable versions such as prereleases.

The next tag is used by some projects to identify the upcoming version.

npmProvenanceOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly npmProvenance: boolean;
  • Type: boolean
  • Default: undefined

Should provenance statements be generated when package is published.

Note that this component is using publib to publish packages, which is using npm internally and supports provenance statements independently of the package manager used.

https://docs.npmjs.com/generating-provenance-statements

npmTokenSecretOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly npmTokenSecret: string;
  • Type: string
  • Default: "NPM_TOKEN" or "GITHUB_TOKEN" if registry is set to npm.pkg.github.com.

GitHub secret which contains the NPM token to use when publishing packages.

registryOptional
  • Deprecated: Use NpmPublishOptions instead.
public readonly registry: string;
  • Type: string
  • Default: "registry.npmjs.org"

The domain name of the npm package registry.

To publish to GitHub Packages, set this value to "npm.pkg.github.com". In this if npmTokenSecret is not specified, it will default to GITHUB_TOKEN which means that you will be able to publish to the repository's package store. In this case, make sure repositoryUrl is correctly defined.

Example

"npm.pkg.github.com"

JsiiReleaseNuget

Initializer 

import { release } from 'projen'

const jsiiReleaseNuget: release.JsiiReleaseNuget = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
nugetApiKeySecret
stringGitHub secret which contains the API key for NuGet.
nugetServer
stringNuGet Server URL (defaults to nuget.org).
postPublishStepsOptional
  • Deprecated: Use NugetPublishOptions instead.
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional
  • Deprecated: Use NugetPublishOptions instead.
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional
  • Deprecated: Use NugetPublishOptions instead.
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

nugetApiKeySecretOptional
  • Deprecated: Use NugetPublishOptions instead.
public readonly nugetApiKeySecret: string;
  • Type: string
  • Default: "NUGET_API_KEY"

GitHub secret which contains the API key for NuGet.

nugetServerOptional
  • Deprecated: Use NugetPublishOptions instead.
public readonly nugetServer: string;
  • Type: string

NuGet Server URL (defaults to nuget.org).

JsiiReleasePyPi

Initializer 

import { release } from 'projen'

const jsiiReleasePyPi: release.JsiiReleasePyPi = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
codeArtifactOptions
CodeArtifactOptions
Options for publishing to AWS CodeArtifact.
twinePasswordSecret
stringThe GitHub secret which contains PyPI password.
twineRegistryUrl
stringThe registry url to use when releasing packages.
twineUsernameSecret
stringThe GitHub secret which contains PyPI user name.
postPublishStepsOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

codeArtifactOptionsOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly codeArtifactOptions: CodeArtifactOptions;

Options for publishing to AWS CodeArtifact.

twinePasswordSecretOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly twinePasswordSecret: string;
  • Type: string
  • Default: "TWINE_PASSWORD"

The GitHub secret which contains PyPI password.

twineRegistryUrlOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly twineRegistryUrl: string;
  • Type: string
  • Default: twine default

The registry url to use when releasing packages.

twineUsernameSecretOptional
  • Deprecated: Use PyPiPublishOptions instead.
public readonly twineUsernameSecret: string;
  • Type: string
  • Default: "TWINE_USERNAME"

The GitHub secret which contains PyPI user name.

ManualReleaseOptions

Initializer 

import { release } from 'projen'

const manualReleaseOptions: release.ManualReleaseOptions = { ... }

Properties

NameTypeDescription
changelog
booleanMaintain a project-level changelog.
changelogPath
stringProject-level changelog file path.
gitPushCommand
stringOverride git-push command.
changelogOptional 
public readonly changelog: boolean;
  • Type: boolean
  • Default: true

Maintain a project-level changelog.

changelogPathOptional 
public readonly changelogPath: string;
  • Type: string
  • Default: 'CHANGELOG.md'

Project-level changelog file path.

Ignored if changelog is false.

gitPushCommandOptional 
public readonly gitPushCommand: string;
  • Type: string

Override git-push command.

Set to an empty string to disable pushing.

MavenPublishOptions

Options for Maven releases.

Initializer 

import { release } from 'projen'

const mavenPublishOptions: release.MavenPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
mavenEndpoint
stringURL of Nexus repository.
mavenGpgPrivateKeyPassphrase
stringGitHub secret name which contains the GPG private key or file that includes it.
mavenGpgPrivateKeySecret
stringGitHub secret name which contains the GPG private key or file that includes it.
mavenPassword
stringGitHub secret name which contains the Password for maven repository.
mavenRepositoryUrl
stringDeployment repository when not deploying to Maven Central.
mavenServerId
stringUsed in maven settings for credential lookup (e.g. use github when publishing to GitHub).
mavenStagingProfileId
stringGitHub secret name which contains the Maven Central (sonatype) staging profile ID (e.g. 68a05363083174). Staging profile ID can be found in the URL of the "Releases" staging profile under "Staging Profiles" in https://oss.sonatype.org (e.g. https://oss.sonatype.org/#stagingProfiles;11a33451234521).
mavenUsername
stringGitHub secret name which contains the Username for maven repository.
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

mavenEndpointOptional 
public readonly mavenEndpoint: string;

URL of Nexus repository.

if not set, defaults to https://oss.sonatype.org

mavenGpgPrivateKeyPassphraseOptional 
public readonly mavenGpgPrivateKeyPassphrase: string;
  • Type: string
  • Default: "MAVEN_GPG_PRIVATE_KEY_PASSPHRASE" or not set when using GitHub Packages

GitHub secret name which contains the GPG private key or file that includes it.

This is used to sign your Maven packages. See instructions.

https://github.com/aws/publib#maven

mavenGpgPrivateKeySecretOptional 
public readonly mavenGpgPrivateKeySecret: string;
  • Type: string
  • Default: "MAVEN_GPG_PRIVATE_KEY" or not set when using GitHub Packages

GitHub secret name which contains the GPG private key or file that includes it.

This is used to sign your Maven packages. See instructions.

https://github.com/aws/publib#maven

mavenPasswordOptional 
public readonly mavenPassword: string;
  • Type: string
  • Default: "MAVEN_PASSWORD" or "GITHUB_TOKEN" when using GitHub Packages

GitHub secret name which contains the Password for maven repository.

For Maven Central, you will need to Create JIRA account and then request a new project (see links).

https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134

mavenRepositoryUrlOptional 
public readonly mavenRepositoryUrl: string;
  • Type: string
  • Default: not set

Deployment repository when not deploying to Maven Central.

mavenServerIdOptional 
public readonly mavenServerId: string;
  • Type: string
  • Default: "ossrh" (Maven Central) or "github" when using GitHub Packages

Used in maven settings for credential lookup (e.g. use github when publishing to GitHub).

mavenStagingProfileIdOptional 
public readonly mavenStagingProfileId: string;
  • Type: string
  • Default: "MAVEN_STAGING_PROFILE_ID" or not set when using GitHub Packages

GitHub secret name which contains the Maven Central (sonatype) staging profile ID (e.g. 68a05363083174). Staging profile ID can be found in the URL of the "Releases" staging profile under "Staging Profiles" in https://oss.sonatype.org (e.g. https://oss.sonatype.org/#stagingProfiles;11a33451234521).

mavenUsernameOptional 
public readonly mavenUsername: string;
  • Type: string
  • Default: "MAVEN_USERNAME" or the GitHub Actor when using GitHub Packages

GitHub secret name which contains the Username for maven repository.

For Maven Central, you will need to Create JIRA account and then request a new project (see links).

https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134

NpmPublishOptions

Options for npm release.

Initializer 

import { release } from 'projen'

const npmPublishOptions: release.NpmPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
codeArtifactOptions
CodeArtifactOptions
Options for publishing npm package to AWS CodeArtifact.
distTag
stringTags can be used to provide an alias instead of version numbers.
npmProvenance
booleanShould provenance statements be generated when package is published.
npmTokenSecret
stringGitHub secret which contains the NPM token to use when publishing packages.
registry
stringThe domain name of the npm package registry.
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

codeArtifactOptionsOptional 
public readonly codeArtifactOptions: CodeArtifactOptions;

Options for publishing npm package to AWS CodeArtifact.

distTagOptional
  • Deprecated: Use npmDistTag for each release branch instead.
public readonly distTag: string;
  • Type: string
  • Default: "latest"

Tags can be used to provide an alias instead of version numbers.

For example, a project might choose to have multiple streams of development and use a different tag for each stream, e.g., stable, beta, dev, canary.

By default, the latest tag is used by npm to identify the current version of a package, and npm install <pkg> (without any @<version> or @<tag> specifier) installs the latest tag. Typically, projects only use the latest tag for stable release versions, and use other tags for unstable versions such as prereleases.

The next tag is used by some projects to identify the upcoming version.

npmProvenanceOptional 
public readonly npmProvenance: boolean;
  • Type: boolean
  • Default: undefined

Should provenance statements be generated when package is published.

Note that this component is using publib to publish packages, which is using npm internally and supports provenance statements independently of the package manager used.

https://docs.npmjs.com/generating-provenance-statements

npmTokenSecretOptional 
public readonly npmTokenSecret: string;
  • Type: string
  • Default: "NPM_TOKEN" or "GITHUB_TOKEN" if registry is set to npm.pkg.github.com.

GitHub secret which contains the NPM token to use when publishing packages.

registryOptional 
public readonly registry: string;
  • Type: string
  • Default: "registry.npmjs.org"

The domain name of the npm package registry.

To publish to GitHub Packages, set this value to "npm.pkg.github.com". In this if npmTokenSecret is not specified, it will default to GITHUB_TOKEN which means that you will be able to publish to the repository's package store. In this case, make sure repositoryUrl is correctly defined.

Example

"npm.pkg.github.com"

NugetPublishOptions

Options for NuGet releases.

Initializer 

import { release } from 'projen'

const nugetPublishOptions: release.NugetPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
nugetApiKeySecret
stringGitHub secret which contains the API key for NuGet.
nugetServer
stringNuGet Server URL (defaults to nuget.org).
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

nugetApiKeySecretOptional 
public readonly nugetApiKeySecret: string;
  • Type: string
  • Default: "NUGET_API_KEY"

GitHub secret which contains the API key for NuGet.

nugetServerOptional 
public readonly nugetServer: string;
  • Type: string

NuGet Server URL (defaults to nuget.org).

PublisherOptions

Options for Publisher.

Initializer 

import { release } from 'projen'

const publisherOptions: release.PublisherOptions = { ... }

Properties

NameTypeDescription
artifactName
stringThe name of the artifact to download (e.g. dist).
buildJobId
stringThe job ID that produces the build artifacts.
condition
stringA GitHub workflow expression used as a condition for publishers.
dryRun
booleanDo not actually publish, only print the commands that would be executed instead.
failureIssue
booleanCreate an issue when a publish task fails.
failureIssueLabel
stringThe label to apply to the issue marking failed publish tasks.
jsiiReleaseVersion
stringNo description.
publibVersion
stringVersion requirement for publib.
publishTasks
booleanDefine publishing tasks that can be executed manually as well as workflows.
workflowContainerImage
stringContainer image to use for GitHub workflows.
workflowNodeVersion
stringNode version to setup in GitHub workflows if any node-based CLI utilities are needed.
workflowRunsOn
string[]Github Runner selection labels.
workflowRunsOnGroup
projen.GroupRunnerOptionsGithub Runner Group selection options.
artifactNameRequired 
public readonly artifactName: string;
  • Type: string

The name of the artifact to download (e.g. dist).

The artifact is expected to include a subdirectory for each release target: go (GitHub), dotnet (NuGet), java (Maven), js (npm), python (PyPI).

https://github.com/aws/publib

buildJobIdRequired 
public readonly buildJobId: string;
  • Type: string

The job ID that produces the build artifacts.

All publish jobs will take a dependency on this job.

conditionOptional 
public readonly condition: string;
  • Type: string
  • Default: no condition

A GitHub workflow expression used as a condition for publishers.

dryRunOptional 
public readonly dryRun: boolean;
  • Type: boolean

Do not actually publish, only print the commands that would be executed instead.

Useful if you wish to block all publishing from a single option.

failureIssueOptional 
public readonly failureIssue: boolean;
  • Type: boolean
  • Default: false

Create an issue when a publish task fails.

failureIssueLabelOptional 
public readonly failureIssueLabel: string;
  • Type: string
  • Default: "failed-release"

The label to apply to the issue marking failed publish tasks.

Only applies if failureIssue is true.

jsiiReleaseVersionOptional
  • Deprecated: use publibVersion instead
public readonly jsiiReleaseVersion: string;
  • Type: string
publibVersionOptional 
public readonly publibVersion: string;
  • Type: string
  • Default: "latest"

Version requirement for publib.

publishTasksOptional 
public readonly publishTasks: boolean;
  • Type: boolean
  • Default: false

Define publishing tasks that can be executed manually as well as workflows.

Normally, publishing only happens within automated workflows. Enable this in order to create a publishing task for each publishing activity.

workflowContainerImageOptional 
public readonly workflowContainerImage: string;
  • Type: string
  • Default: default image

Container image to use for GitHub workflows.

workflowNodeVersionOptional 
public readonly workflowNodeVersion: string;
  • Type: string
  • Default: 18.x

Node version to setup in GitHub workflows if any node-based CLI utilities are needed.

For example publib, the CLI projen uses to publish releases, is an npm library.

workflowRunsOnOptional 
public readonly workflowRunsOn: string[];
  • Type: string[]
  • Default: ["ubuntu-latest"]

Github Runner selection labels.

workflowRunsOnGroupOptional 
public readonly workflowRunsOnGroup: GroupRunnerOptions;
  • Type: projen.GroupRunnerOptions

Github Runner Group selection options.

PyPiPublishOptions

Options for PyPI release.

Initializer 

import { release } from 'projen'

const pyPiPublishOptions: release.PyPiPublishOptions = { ... }

Properties

NameTypeDescription
postPublishSteps
projen.github.workflows.JobStep[]Steps to execute after executing the publishing command.
prePublishSteps
projen.github.workflows.JobStep[]Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.
publishTools
projen.github.workflows.ToolsAdditional tools to install in the publishing job.
codeArtifactOptions
CodeArtifactOptions
Options for publishing to AWS CodeArtifact.
twinePasswordSecret
stringThe GitHub secret which contains PyPI password.
twineRegistryUrl
stringThe registry url to use when releasing packages.
twineUsernameSecret
stringThe GitHub secret which contains PyPI user name.
postPublishStepsOptional 
public readonly postPublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute after executing the publishing command.

These can be used to add/update the release artifacts ot any other tasks needed.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPostPublishingSteps.

prePublishStepsOptional 
public readonly prePublishSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

Steps to execute before executing the publishing command. These can be used to prepare the artifact for publishing if neede.

These steps are executed after dist/ has been populated with the build output.

Note that when using this in publishToGitHubReleases this will override steps added via addGitHubPrePublishingSteps.

publishToolsOptional 
public readonly publishTools: Tools;
  • Type: projen.github.workflows.Tools
  • Default: no additional tools are installed

Additional tools to install in the publishing job.

codeArtifactOptionsOptional 
public readonly codeArtifactOptions: CodeArtifactOptions;

Options for publishing to AWS CodeArtifact.

twinePasswordSecretOptional 
public readonly twinePasswordSecret: string;
  • Type: string
  • Default: "TWINE_PASSWORD"

The GitHub secret which contains PyPI password.

twineRegistryUrlOptional 
public readonly twineRegistryUrl: string;
  • Type: string
  • Default: twine default

The registry url to use when releasing packages.

twineUsernameSecretOptional 
public readonly twineUsernameSecret: string;
  • Type: string
  • Default: "TWINE_USERNAME"

The GitHub secret which contains PyPI user name.

ReleaseOptions

Options for Release.

Initializer 

import { release } from 'projen'

const releaseOptions: release.ReleaseOptions = { ... }

Properties

NameTypeDescription
jsiiReleaseVersion
stringVersion requirement of publib which is used to publish modules to npm.
majorVersion
numberMajor version to release from the default branch.
minMajorVersion
numberMinimal Major version to release.
npmDistTag
stringThe npmDistTag to use when publishing from the default branch.
postBuildSteps
projen.github.workflows.JobStep[]Steps to execute after build as part of the release workflow.
prerelease
stringBump versions from the default branch as pre-releases (e.g. "beta", "alpha", "pre").
publishDryRun
booleanInstead of actually publishing to package managers, just print the publishing command.
publishTasks
booleanDefine publishing tasks that can be executed manually as well as workflows.
releasableCommits
projen.ReleasableCommitsFind commits that should be considered releasable Used to decide if a release is required.
releaseBranches
{[ key: string ]: BranchOptions}
Defines additional release branches.
releaseEveryCommit
booleanAutomatically release new versions every commit to one of branches in releaseBranches.
releaseFailureIssue
booleanCreate a github issue on every failed publishing task.
releaseFailureIssueLabel
stringThe label to apply to issues indicating publish failures.
releaseSchedule
stringCRON schedule to trigger new releases.
releaseTagPrefix
stringAutomatically add the given prefix to release tags. Useful if you are releasing on multiple branches with overlapping version numbers.
releaseTrigger
ReleaseTrigger
The release trigger to use.
releaseWorkflowName
stringThe name of the default release workflow.
releaseWorkflowSetupSteps
projen.github.workflows.JobStep[]A set of workflow steps to execute in order to setup the workflow container.
versionrcOptions
{[ key: string ]: any}Custom configuration used when creating changelog with standard-version package.
workflowContainerImage
stringContainer image to use for GitHub workflows.
workflowRunsOn
string[]Github Runner selection labels.
workflowRunsOnGroup
projen.GroupRunnerOptionsGithub Runner Group selection options.
artifactsDirectory
stringA directory which will contain build artifacts.
branch
stringThe default branch name to release from.
task
projen.TaskThe task to execute in order to create the release artifacts.
versionFile
stringA name of a .json file to set the version field in after a bump.
githubRelease
booleanCreate a GitHub release for each release.
workflowNodeVersion
stringNode version to setup in GitHub workflows if any node-based CLI utilities are needed.
workflowPermissions
projen.github.workflows.JobPermissionsPermissions granted to the release workflow job.
jsiiReleaseVersionOptional 
public readonly jsiiReleaseVersion: string;
  • Type: string
  • Default: "latest"

Version requirement of publib which is used to publish modules to npm.

majorVersionOptional 
public readonly majorVersion: number;
  • Type: number
  • Default: Major version is not enforced.

Major version to release from the default branch.

If this is specified, we bump the latest version of this major version line. If not specified, we bump the global latest version.

minMajorVersionOptional 
public readonly minMajorVersion: number;
  • Type: number
  • Default: No minimum version is being enforced

Minimal Major version to release.

This can be useful to set to 1, as breaking changes before the 1.x major release are not incrementing the major version number.

Can not be set together with majorVersion.

npmDistTagOptional 
public readonly npmDistTag: string;
  • Type: string
  • Default: "latest"

The npmDistTag to use when publishing from the default branch.

To set the npm dist-tag for release branches, set the npmDistTag property for each branch.

postBuildStepsOptional 
public readonly postBuildSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]
  • Default: []

Steps to execute after build as part of the release workflow.

prereleaseOptional 
public readonly prerelease: string;
  • Type: string
  • Default: normal semantic versions

Bump versions from the default branch as pre-releases (e.g. "beta", "alpha", "pre").

publishDryRunOptional 
public readonly publishDryRun: boolean;
  • Type: boolean
  • Default: false

Instead of actually publishing to package managers, just print the publishing command.

publishTasksOptional 
public readonly publishTasks: boolean;
  • Type: boolean
  • Default: false

Define publishing tasks that can be executed manually as well as workflows.

Normally, publishing only happens within automated workflows. Enable this in order to create a publishing task for each publishing activity.

releasableCommitsOptional 
public readonly releasableCommits: ReleasableCommits;
  • Type: projen.ReleasableCommits
  • Default: ReleasableCommits.everyCommit()

Find commits that should be considered releasable Used to decide if a release is required.

releaseBranchesOptional 
public readonly releaseBranches: {[ key: string ]: BranchOptions};
  • Type: {[ key: string ]: BranchOptions}
  • Default: no additional branches are used for release. you can use addBranch() to add additional branches.

Defines additional release branches.

A workflow will be created for each release branch which will publish releases from commits in this branch. Each release branch must be assigned a major version number which is used to enforce that versions published from that branch always use that major version. If multiple branches are used, the majorVersion field must also be provided for the default branch.

releaseEveryCommitOptional
  • Deprecated: Use releaseTrigger: ReleaseTrigger.continuous() instead
public readonly releaseEveryCommit: boolean;
  • Type: boolean
  • Default: true

Automatically release new versions every commit to one of branches in releaseBranches.

releaseFailureIssueOptional 
public readonly releaseFailureIssue: boolean;
  • Type: boolean
  • Default: false

Create a github issue on every failed publishing task.

releaseFailureIssueLabelOptional 
public readonly releaseFailureIssueLabel: string;
  • Type: string
  • Default: "failed-release"

The label to apply to issues indicating publish failures.

Only applies if releaseFailureIssue is true.

releaseScheduleOptional
  • Deprecated: Use releaseTrigger: ReleaseTrigger.scheduled() instead
public readonly releaseSchedule: string;
  • Type: string
  • Default: no scheduled releases

CRON schedule to trigger new releases.

releaseTagPrefixOptional 
public readonly releaseTagPrefix: string;
  • Type: string
  • Default: "v"

Automatically add the given prefix to release tags. Useful if you are releasing on multiple branches with overlapping version numbers.

Note: this prefix is used to detect the latest tagged version when bumping, so if you change this on a project with an existing version history, you may need to manually tag your latest release with the new prefix.

releaseTriggerOptional 
public readonly releaseTrigger: ReleaseTrigger;
  • Type: ReleaseTrigger
  • Default: Continuous releases (ReleaseTrigger.continuous())

The release trigger to use.

releaseWorkflowNameOptional 
public readonly releaseWorkflowName: string;
  • Type: string
  • Default: "release"

The name of the default release workflow.

releaseWorkflowSetupStepsOptional 
public readonly releaseWorkflowSetupSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

A set of workflow steps to execute in order to setup the workflow container.

versionrcOptionsOptional 
public readonly versionrcOptions: {[ key: string ]: any};
  • Type: {[ key: string ]: any}
  • Default: standard configuration applicable for GitHub repositories

Custom configuration used when creating changelog with standard-version package.

Given values either append to default configuration or overwrite values in it.

workflowContainerImageOptional 
public readonly workflowContainerImage: string;
  • Type: string
  • Default: default image

Container image to use for GitHub workflows.

workflowRunsOnOptional 
public readonly workflowRunsOn: string[];
  • Type: string[]
  • Default: ["ubuntu-latest"]

Github Runner selection labels.

workflowRunsOnGroupOptional 
public readonly workflowRunsOnGroup: GroupRunnerOptions;
  • Type: projen.GroupRunnerOptions

Github Runner Group selection options.

artifactsDirectoryRequired 
public readonly artifactsDirectory: string;
  • Type: string
  • Default: "dist"

A directory which will contain build artifacts.

branchRequired 
public readonly branch: string;
  • Type: string

The default branch name to release from.

Use majorVersion to restrict this branch to only publish releases with a specific major version.

You can add additional branches using addBranch().

taskRequired 
public readonly task: Task;
  • Type: projen.Task

The task to execute in order to create the release artifacts.

Artifacts are expected to reside under artifactsDirectory (defaults to dist/) once build is complete.

versionFileRequired 
public readonly versionFile: string;
  • Type: string

A name of a .json file to set the version field in after a bump.

Example

"package.json"
githubReleaseOptional 
public readonly githubRelease: boolean;
  • Type: boolean
  • Default: true

Create a GitHub release for each release.

workflowNodeVersionOptional 
public readonly workflowNodeVersion: string;
  • Type: string
  • Default: 18.x

Node version to setup in GitHub workflows if any node-based CLI utilities are needed.

For example publib, the CLI projen uses to publish releases, is an npm library.

workflowPermissionsOptional 
public readonly workflowPermissions: JobPermissions;
  • Type: projen.github.workflows.JobPermissions
  • Default: { contents: JobPermission.WRITE }

Permissions granted to the release workflow job.

ReleaseProjectOptions

Project options for release.

Initializer 

import { release } from 'projen'

const releaseProjectOptions: release.ReleaseProjectOptions = { ... }

Properties

NameTypeDescription
jsiiReleaseVersion
stringVersion requirement of publib which is used to publish modules to npm.
majorVersion
numberMajor version to release from the default branch.
minMajorVersion
numberMinimal Major version to release.
npmDistTag
stringThe npmDistTag to use when publishing from the default branch.
postBuildSteps
projen.github.workflows.JobStep[]Steps to execute after build as part of the release workflow.
prerelease
stringBump versions from the default branch as pre-releases (e.g. "beta", "alpha", "pre").
publishDryRun
booleanInstead of actually publishing to package managers, just print the publishing command.
publishTasks
booleanDefine publishing tasks that can be executed manually as well as workflows.
releasableCommits
projen.ReleasableCommitsFind commits that should be considered releasable Used to decide if a release is required.
releaseBranches
{[ key: string ]: BranchOptions}
Defines additional release branches.
releaseEveryCommit
booleanAutomatically release new versions every commit to one of branches in releaseBranches.
releaseFailureIssue
booleanCreate a github issue on every failed publishing task.
releaseFailureIssueLabel
stringThe label to apply to issues indicating publish failures.
releaseSchedule
stringCRON schedule to trigger new releases.
releaseTagPrefix
stringAutomatically add the given prefix to release tags. Useful if you are releasing on multiple branches with overlapping version numbers.
releaseTrigger
ReleaseTrigger
The release trigger to use.
releaseWorkflowName
stringThe name of the default release workflow.
releaseWorkflowSetupSteps
projen.github.workflows.JobStep[]A set of workflow steps to execute in order to setup the workflow container.
versionrcOptions
{[ key: string ]: any}Custom configuration used when creating changelog with standard-version package.
workflowContainerImage
stringContainer image to use for GitHub workflows.
workflowRunsOn
string[]Github Runner selection labels.
workflowRunsOnGroup
projen.GroupRunnerOptionsGithub Runner Group selection options.
jsiiReleaseVersionOptional 
public readonly jsiiReleaseVersion: string;
  • Type: string
  • Default: "latest"

Version requirement of publib which is used to publish modules to npm.

majorVersionOptional 
public readonly majorVersion: number;
  • Type: number
  • Default: Major version is not enforced.

Major version to release from the default branch.

If this is specified, we bump the latest version of this major version line. If not specified, we bump the global latest version.

minMajorVersionOptional 
public readonly minMajorVersion: number;
  • Type: number
  • Default: No minimum version is being enforced

Minimal Major version to release.

This can be useful to set to 1, as breaking changes before the 1.x major release are not incrementing the major version number.

Can not be set together with majorVersion.

npmDistTagOptional 
public readonly npmDistTag: string;
  • Type: string
  • Default: "latest"

The npmDistTag to use when publishing from the default branch.

To set the npm dist-tag for release branches, set the npmDistTag property for each branch.

postBuildStepsOptional 
public readonly postBuildSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]
  • Default: []

Steps to execute after build as part of the release workflow.

prereleaseOptional 
public readonly prerelease: string;
  • Type: string
  • Default: normal semantic versions

Bump versions from the default branch as pre-releases (e.g. "beta", "alpha", "pre").

publishDryRunOptional 
public readonly publishDryRun: boolean;
  • Type: boolean
  • Default: false

Instead of actually publishing to package managers, just print the publishing command.

publishTasksOptional 
public readonly publishTasks: boolean;
  • Type: boolean
  • Default: false

Define publishing tasks that can be executed manually as well as workflows.

Normally, publishing only happens within automated workflows. Enable this in order to create a publishing task for each publishing activity.

releasableCommitsOptional 
public readonly releasableCommits: ReleasableCommits;
  • Type: projen.ReleasableCommits
  • Default: ReleasableCommits.everyCommit()

Find commits that should be considered releasable Used to decide if a release is required.

releaseBranchesOptional 
public readonly releaseBranches: {[ key: string ]: BranchOptions};
  • Type: {[ key: string ]: BranchOptions}
  • Default: no additional branches are used for release. you can use addBranch() to add additional branches.

Defines additional release branches.

A workflow will be created for each release branch which will publish releases from commits in this branch. Each release branch must be assigned a major version number which is used to enforce that versions published from that branch always use that major version. If multiple branches are used, the majorVersion field must also be provided for the default branch.

releaseEveryCommitOptional
  • Deprecated: Use releaseTrigger: ReleaseTrigger.continuous() instead
public readonly releaseEveryCommit: boolean;
  • Type: boolean
  • Default: true

Automatically release new versions every commit to one of branches in releaseBranches.

releaseFailureIssueOptional 
public readonly releaseFailureIssue: boolean;
  • Type: boolean
  • Default: false

Create a github issue on every failed publishing task.

releaseFailureIssueLabelOptional 
public readonly releaseFailureIssueLabel: string;
  • Type: string
  • Default: "failed-release"

The label to apply to issues indicating publish failures.

Only applies if releaseFailureIssue is true.

releaseScheduleOptional
  • Deprecated: Use releaseTrigger: ReleaseTrigger.scheduled() instead
public readonly releaseSchedule: string;
  • Type: string
  • Default: no scheduled releases

CRON schedule to trigger new releases.

releaseTagPrefixOptional 
public readonly releaseTagPrefix: string;
  • Type: string
  • Default: "v"

Automatically add the given prefix to release tags. Useful if you are releasing on multiple branches with overlapping version numbers.

Note: this prefix is used to detect the latest tagged version when bumping, so if you change this on a project with an existing version history, you may need to manually tag your latest release with the new prefix.

releaseTriggerOptional 
public readonly releaseTrigger: ReleaseTrigger;
  • Type: ReleaseTrigger
  • Default: Continuous releases (ReleaseTrigger.continuous())

The release trigger to use.

releaseWorkflowNameOptional 
public readonly releaseWorkflowName: string;
  • Type: string
  • Default: "release"

The name of the default release workflow.

releaseWorkflowSetupStepsOptional 
public readonly releaseWorkflowSetupSteps: JobStep[];
  • Type: projen.github.workflows.JobStep[]

A set of workflow steps to execute in order to setup the workflow container.

versionrcOptionsOptional 
public readonly versionrcOptions: {[ key: string ]: any};
  • Type: {[ key: string ]: any}
  • Default: standard configuration applicable for GitHub repositories

Custom configuration used when creating changelog with standard-version package.

Given values either append to default configuration or overwrite values in it.

workflowContainerImageOptional 
public readonly workflowContainerImage: string;
  • Type: string
  • Default: default image

Container image to use for GitHub workflows.

workflowRunsOnOptional 
public readonly workflowRunsOn: string[];
  • Type: string[]
  • Default: ["ubuntu-latest"]

Github Runner selection labels.

workflowRunsOnGroupOptional 
public readonly workflowRunsOnGroup: GroupRunnerOptions;
  • Type: projen.GroupRunnerOptions

Github Runner Group selection options.

ScheduledReleaseOptions

Initializer 

import { release } from 'projen'

const scheduledReleaseOptions: release.ScheduledReleaseOptions = { ... }

Properties

NameTypeDescription
schedule
stringCron schedule for releases.
scheduleRequired 
public readonly schedule: string;
  • Type: string

Cron schedule for releases.

Only defined if this is a scheduled release.

Example

'0 17 * * *' - every day at 5 pm

Classes

ReleaseTrigger

Used to manage release strategies.

This includes release and release artifact automation

Static Functions

NameDescription
continuous
Creates a continuous release trigger.
manual
Creates a manual release trigger.
scheduled
Creates a scheduled release trigger.
continuous 
import { release } from 'projen'

release.ReleaseTrigger.continuous(options?: ContinuousReleaseOptions)

Creates a continuous release trigger.

Automated releases will occur on every commit.

optionsOptional
manual 
import { release } from 'projen'

release.ReleaseTrigger.manual(options?: ManualReleaseOptions)

Creates a manual release trigger.

Use this option if you want totally manual releases.

This will give you a release task that, in addition to the normal release activities will trigger a publish:git task. This task will handle project-level changelog management, release tagging, and pushing these artifacts to origin.

The command used for pushing can be customised by specifying gitPushCommand. Set to an empty string to disable pushing entirely.

Simply run yarn release to trigger a manual release.

optionsOptional

release options.

scheduled 
import { release } from 'projen'

release.ReleaseTrigger.scheduled(options: ScheduledReleaseOptions)

Creates a scheduled release trigger.

Automated releases will occur based on the provided cron schedule.

optionsRequired

release options.

Properties

NameTypeDescription
isContinuous
booleanWhether or not this is a continuous release.
isManual
booleanWhether or not this is a manual release trigger.
changelogPath
stringProject-level changelog file path.
gitPushCommand
stringOverride git-push command used when releasing manually.
paths
string[]Paths for which pushes will trigger a release when isContinuous is true.
schedule
stringCron schedule for releases.
isContinuousRequired 
public readonly isContinuous: boolean;
  • Type: boolean

Whether or not this is a continuous release.

isManualRequired 
public readonly isManual: boolean;
  • Type: boolean

Whether or not this is a manual release trigger.

changelogPathOptional 
public readonly changelogPath: string;
  • Type: string

Project-level changelog file path.

gitPushCommandOptional 
public readonly gitPushCommand: string;
  • Type: string

Override git-push command used when releasing manually.

Set to an empty string to disable pushing.

pathsOptional 
public readonly paths: string[];
  • Type: string[]

Paths for which pushes will trigger a release when isContinuous is true.

scheduleOptional 
public readonly schedule: string;
  • Type: string

Cron schedule for releases.

Only defined if this is a scheduled release.

Example

'0 17 * * *' - every day at 5 pm

Enums

CodeArtifactAuthProvider

Options for authorizing requests to a AWS CodeArtifact npm repository.

Members

NameDescription
ACCESS_AND_SECRET_KEY_PAIR
Fixed credentials provided via Github secrets.
GITHUB_OIDC
Ephemeral credentials provided via Github's OIDC integration with an IAM role.
ACCESS_AND_SECRET_KEY_PAIR

Fixed credentials provided via Github secrets.

GITHUB_OIDC

Ephemeral credentials provided via Github's OIDC integration with an IAM role.

See: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services